<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>

<!-- generated by https://github.com/cabo/kramdown-rfc version 1.6.36 (Ruby 3.2.2) -->

<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-irtf-cfrg-rsa-blind-signatures-14" number="9474" submissionType="IRTF" category="info" consensus="true" tocInclude="true" sortRefs="true" symRefs="true" updates="" obsoletes="" xml:lang="en" version="3">

  <!-- xml2rfc v2v3 conversion 3.17.4 -->
  <front>
    <title abbrev="RSA Blind Signatures">RSA Blind Signatures</title>
    <seriesInfo name="Internet-Draft" value="draft-irtf-cfrg-rsa-blind-signatures-14"/>
    <seriesInfo name="RFC" value="9474"/>
    <author initials="F." surname="Denis" fullname="Frank Denis">
      <organization>Fastly Inc.</organization>
      <address>
        <email>fd@00f.net</email>
      </address>
    </author>
    <author initials="F." surname="Jacobs" fullname="Frederic Jacobs">
      <organization>Apple Inc.</organization>
      <address>
        <email>frederic.jacobs@apple.com</email>
      </address>
    </author>
    <author initials="C. A." surname="Wood" fullname="Christopher A. Wood">
      <organization>Cloudflare</organization>
      <address>
        <email>caw@heapingbits.net</email>
      </address>
    </author>
    <date year="2023" month="October"/>
    <keyword>Internet-Draft</keyword>
    <workgroup>Crypto Forum</workgroup>

<keyword>RSABSSA</keyword>
<keyword>RSA</keyword>
<keyword>blind signature</keyword>

    <abstract>
      <?line 139?>

<t>This document specifies an RSA-based blind signature protocol. RSA blind signatures were first
introduced by Chaum for untraceable payments. A signature that is output from this
protocol can be verified as an RSA-PSS signature.</t>
      <t>This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.</t>
    </abstract>
    <note removeInRFC="true">
      <name>Discussion Venues</name>
      <t>Source for this draft and an issue tracker can be found at
  <eref target="https://github.com/chris-wood/draft-wood-cfrg-blind-signatures"/>.</t>
    </note>
  </front>
  <middle>
    <?line 147?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>Originally introduced in the context of digital cash systems by Chaum
for untraceable payments <xref target="Chaum83"/>, RSA blind signatures turned out to have
a wide range of applications ranging from privacy-preserving digital payments to
authentication mechanisms <xref target="GoogleVPN"/> <xref target="ApplePrivateRelay"/> <xref target="PrettyGoodPhonePrivacy"/>.</t>
      <t>Recently, interest in blind signatures has grown to address operational shortcomings from applications
that use Verifiable Oblivious Pseudorandom Functions (VOPRFs) <xref target="I-D.irtf-cfrg-voprf"/>, such
as Privacy Pass <xref target="I-D.ietf-privacypass-protocol"/>. Specifically, VOPRFs are not necessarily
publicly verifiable, meaning that a verifier needs access to the VOPRF private key to verify
that the output of a VOPRF protocol is valid for a given input. This limitation complicates
deployments where it is not desirable to distribute private keys to entities performing verification.
Additionally, if the private key is kept in a Hardware Security Module, the number of operations
on the key is doubled compared to a scheme where only the public key is required for verification.</t>
      <t>In contrast, digital signatures provide a primitive that is publicly verifiable and does not
require access to the private key for verification. Moreover, <xref target="JKK14"/> shows that one can realize
a VOPRF in the random oracle model by hashing a (message, signature) pair, where the signature is
computed using a deterministic blind signature protocol.</t>
      <t>This document specifies (1) a protocol for computing RSA blind signatures using RSA-PSS encoding
and (2)&nbsp;a family of variants (<xref target="rsabssa"/>) for this protocol, denoted RSABSSA (RSA Blind Signature with Appendix).
In order to facilitate deployment, it is defined in such a way that the resulting (unblinded)
signature can be verified with a standard RSA-PSS library.</t>
      <t>This document represents the consensus of the Crypto Forum Research Group (CFRG). It is
not an IETF product and is not a standard.</t>
    </section>
    <section anchor="requirements-notation">
      <name>Requirements Notation</name>
       <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>",
       "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>",
       "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>",
       "<bcp14>SHOULD NOT</bcp14>",
       "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
       "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document
       are to be interpreted as described in BCP&nbsp;14
       <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only
       when, they appear in all capitals, as shown here.</t>
    </section>
    <section anchor="notation">
      <name>Notation</name>
      <t>The following terms, which describe different protocol operations, are used throughout this document:</t>
      <dl spacing="normal">
        <dt>bytes_to_int and int_to_bytes:</dt><dd>Convert a byte string to and from a non-negative integer.
bytes_to_int and int_to_bytes are implemented as OS2IP and I2OSP -- as described in
<xref target="RFC8017"/> -- respectively. Note that these functions operate on byte strings
in big-endian byte order.</dd>
        <dt>random_integer_uniform(M, N):</dt><dd>Generate a random, uniformly distributed integer R
between M inclusive and N exclusive, i.e., M &lt;= R &lt; N.</dd>
        <dt>bit_len(n):</dt><dd>Compute the minimum number of bits needed to represent the positive integer n.</dd>
        <dt>inverse_mod(x, n):</dt><dd>Compute the multiplicative inverse of x mod n or fail if x and n are not co-prime.</dd>
        <dt>is_coprime(x, n):</dt><dd>Return true if x and n are co-prime, and false otherwise.</dd>
        <dt>len(s):</dt><dd>The length of a byte string, in bytes.</dd>
        <dt>random(n):</dt><dd>Generate n random bytes using a cryptographically secure random number generator.</dd>
        <dt>concat(x0, ..., xN):</dt><dd>Concatenation of byte strings. For example,
concat(0x01, 0x0203, 0x040506) = 0x010203040506.</dd>
        <dt>slice(x, i, j):</dt><dd>Return bytes in the byte string <tt>x</tt> starting from offset <tt>i</tt> and ending at
offset <tt>j</tt>, inclusive. For example, slice(0x010203040506, 1, 5) = 0x0203040506.</dd>
      </dl>
    </section>
    <section anchor="core-protocol">
      <name>Blind Signature Protocol</name>
      <t>The RSA Blind Signature Protocol is a two-party protocol between a client and server
where they interact to compute <tt>sig = Sign(sk, input_msg)</tt>, where <tt>input_msg = Prepare(msg)</tt>
is a prepared version of the private message <tt>msg</tt> provided by the client, and <tt>sk</tt> is the
private signing key provided by the server. See <xref target="cert-oid"/> for details on how <tt>sk</tt> is generated
and used in this protocol. Upon completion of this protocol, the server learns nothing,
whereas the client learns <tt>sig</tt>. In particular, this means the server learns nothing of <tt>msg</tt>
or <tt>input_msg</tt> and the client learns nothing of <tt>sk</tt>.</t>
      <t>The protocol consists of four functions -- Prepare, Blind, BlindSign, and Finalize -- and requires
one round of interaction between client and server. Let <tt>msg</tt> be the client's private input
message, and let <tt>(sk, pk)</tt> be the server's private and public key pair.</t>
      <t>The protocol begins by the client preparing the message to be signed by computing:</t>
      <artwork><![CDATA[
input_msg = Prepare(msg)
]]></artwork>
      <t>The client then initiates the blind signature protocol by computing:</t>
      <artwork><![CDATA[
blinded_msg, inv = Blind(pk, input_msg)
]]></artwork>
      <t>The client then sends <tt>blinded_msg</tt> to the server, which then processes the message
by computing:</t>
      <artwork><![CDATA[
blind_sig = BlindSign(sk, blinded_msg)
]]></artwork>
      <t>The server then sends <tt>blind_sig</tt> to the client, which then finalizes the protocol by computing:</t>
      <artwork><![CDATA[
sig = Finalize(pk, input_msg, blind_sig, inv)
]]></artwork>
      <t>The output of the protocol is <tt>input_msg</tt> and <tt>sig</tt>. Upon completion, correctness requires that
clients can verify signature <tt>sig</tt> over the prepared message <tt>input_msg</tt> using the server
public key <tt>pk</tt> by invoking the RSASSA-PSS-VERIFY routine defined in
<xref section="8.1.2" sectionFormat="of" target="RFC8017"/>. The Finalize function performs this check before returning the signature.
See <xref target="verification"/> for more details about verifying signatures produced through this protocol.</t>
      <t>Shown graphically, the protocol runs as follows:</t>
      <artwork><![CDATA[
   Client(pk, msg)                      Server(sk, pk)
  -----------------------------------------------------
  input_msg = Prepare(msg)
  blinded_msg, inv = Blind(pk, input_msg)

                        blinded_msg
                        ---------->

                 blind_sig = BlindSign(sk, blinded_msg)

                         blind_sig
                        <----------

  sig = Finalize(pk, input_msg, blind_sig, inv)
]]></artwork>
      <t>In the remainder of this section, we specify the Prepare, Blind, BlindSign, and Finalize
functions that are used in this protocol.</t>
      <section anchor="randomization">
        <name>Prepare</name>
        <t>Message preparation, denoted by the Prepare function, is the process by which the message
to be signed and verified is prepared for input to the blind signing protocol.
There are two types of preparation functions: an identity preparation function
and a randomized preparation function. The identity preparation function returns
the input message without transformation, i.e., <tt>msg = PrepareIdentity(msg)</tt>.</t>
        <t>The randomized preparation function augments the input message with fresh randomness.
We denote this process by the function <tt>PrepareRandomize(msg)</tt>, which takes as input a message
<tt>msg</tt> and produces a randomized message <tt>input_msg</tt>. Its implementation is shown below.</t>
        <sourcecode name="" type="pseudocode"><![CDATA[
PrepareRandomize(msg)

Inputs:
- msg, message to be signed, a byte string

Outputs:
- input_msg, a byte string that is 32 bytes longer than msg

Steps:
1. msg_prefix = random(32)
2. input_msg = concat(msg_prefix, msg)
3. output input_msg
]]></sourcecode>
      </section>
      <section anchor="blind">
        <name>Blind</name>
        <t>The Blind function encodes an input message and blinds it with the server's public
key. It outputs the blinded message to be sent to the server, encoded as a byte string,
and the corresponding inverse, an integer. RSAVP1 and EMSA-PSS-ENCODE are as defined in
Sections&nbsp;<xref target="RFC8017" section="5.2.2" sectionFormat="bare"/> and <xref target="RFC8017" section="9.1.1" sectionFormat="bare"/> of <xref target="RFC8017"/>, respectively.</t>
        <t>If this function fails with a "blinding error" error, implementations <bcp14>SHOULD</bcp14> try
the function again. The probability of one or more such errors in sequence is negligible.
This function can also fail with an "invalid input" error, which indicates that one of
the inputs (likely the public key) was invalid. Implementations <bcp14>SHOULD</bcp14> update the public
key before calling this function again. See <xref target="errors"/> for more information about
dealing with such errors.</t>
        <t>Note that this function invokes RSAVP1, which is defined to throw an optional error
for invalid inputs. However, this error cannot occur based on how RSAVP1 is invoked,
so this error is not included in the list of errors for Blind.</t>
        <sourcecode name="" type="pseudocode"><![CDATA[
Blind(pk, msg)

Parameters:
- modulus_len, the length in bytes of the RSA modulus n
- Hash, the hash function used to hash the message
- MGF, the mask generation function
- salt_len, the length in bytes of the salt (denoted sLen
  in RFC 8017)

Inputs:
- pk, server public key (n, e)
- msg, message to be signed, a byte string

Outputs:
- blinded_msg, a byte string of length modulus_len
- inv, an integer used to unblind the signature in Finalize

Errors:
- "message too long": Raised when the input message is too long
  (raised by EMSA-PSS-ENCODE)
- "encoding error": Raised when the input message fails encoding
  (raised by EMSA-PSS-ENCODE)
- "blinding error": Raised when the inverse of r cannot be found
- "invalid input": Raised when the message is not co-prime with n

Steps:
1. encoded_msg = EMSA-PSS-ENCODE(msg, bit_len(n))
   with Hash, MGF, and salt_len as defined in the parameters
2. If EMSA-PSS-ENCODE raises an error, re-raise the error and stop
3. m = bytes_to_int(encoded_msg)
4. c = is_coprime(m, n)
5. If c is false, raise an "invalid input" error and stop
6. r = random_integer_uniform(1, n)
7. inv = inverse_mod(r, n)
8. If inverse_mod fails, raise a "blinding error" error and stop
9. x = RSAVP1(pk, r)
10. z = (m * x) mod n
11. blinded_msg = int_to_bytes(z, modulus_len)
12. output blinded_msg, inv
]]></sourcecode>
        <t>The blinding factor r <bcp14>MUST</bcp14> be randomly chosen from a uniform distribution.
This is typically done via rejection sampling.</t>
      </section>
      <section anchor="blindsign">
        <name>BlindSign</name>
        <t>BlindSign performs the RSA private key operation on the client's
blinded message input and returns the output encoded as a byte string.
RSASP1 is as defined in <xref section="5.2.1" sectionFormat="of" target="RFC8017"/>.</t>
        <sourcecode name="" type="pseudocode"><![CDATA[
BlindSign(sk, blinded_msg)

Parameters:
- modulus_len, the length in bytes of the RSA modulus n

Inputs:
- sk, server private key
- blinded_msg, encoded and blinded message to be signed, a
  byte string

Outputs:
- blind_sig, a byte string of length modulus_len

Errors:
- "signing failure": Raised when the signing operation fails
- "message representative out of range": Raised when the
  message representative to sign is not an integer between 0
  and n - 1 (raised by RSASP1)

Steps:
1. m = bytes_to_int(blinded_msg)
2. s = RSASP1(sk, m)
3. m' = RSAVP1(pk, s)
4. If m != m', raise a "signing failure" error and stop
5. blind_sig = int_to_bytes(s, modulus_len)
6. output blind_sig
]]></sourcecode>
      </section>
      <section anchor="finalize">
        <name>Finalize</name>
        <t>Finalize validates the server's response, unblinds the message
to produce a signature, verifies it for correctness, and outputs the signature
upon success. Note that this function will internally hash the input message
as is done in Blind.</t>
        <sourcecode name="" type="pseudocode"><![CDATA[
Finalize(pk, msg, blind_sig, inv)

Parameters:
- modulus_len, the length in bytes of the RSA modulus n
- Hash, the hash function used to hash the message
- MGF, the mask generation function
- salt_len, the length in bytes of the salt (denoted sLen
  in RFC 8017)

Inputs:
- pk, server public key (n, e)
- msg, message to be signed, a byte string
- blind_sig, signed and blinded element, a byte string of
  length modulus_len
- inv, inverse of the blind, an integer

Outputs:
- sig, a byte string of length modulus_len

Errors:
- "invalid signature": Raised when the signature is invalid
- "unexpected input size": Raised when a byte string input doesn't
  have the expected length

Steps:
1. If len(blind_sig) != modulus_len, raise an "unexpected input size"
   error and stop
2. z = bytes_to_int(blind_sig)
3. s = (z * inv) mod n
4. sig = int_to_bytes(s, modulus_len)
5. result = RSASSA-PSS-VERIFY(pk, msg, sig) with
   Hash, MGF, and salt_len as defined in the parameters
6. If result = "valid signature", output sig, else
   raise an "invalid signature" error and stop
]]></sourcecode>
      </section>
      <section anchor="verification">
        <name>Verification</name>
        <t>As described in <xref target="core-protocol"/>, the output of the protocol is the prepared
message <tt>input_msg</tt> and the signature <tt>sig</tt>. The message that applications
consume is <tt>msg</tt>, from which <tt>input_msg</tt> is derived. Clients verify the
<tt>msg</tt> signature using the server's public key <tt>pk</tt> by invoking the
RSASSA-PSS-VERIFY routine defined in <xref section="8.1.2" sectionFormat="of" target="RFC8017"/>
with <tt>(n, e)</tt> as <tt>pk</tt>, M as <tt>input_msg</tt>, and <tt>S</tt> as <tt>sig</tt>.</t>
        <t>Verification and the message that applications consume therefore depend on
which preparation function is used. In particular, if the PrepareIdentity
function is used, then the application message is <tt>input_msg</tt>.
In contrast, if the PrepareRandomize function is used, then the application
message is <tt>slice(input_msg, 32, len(input_msg))</tt>, i.e., the prepared message
with the message randomizer prefix removed.</t>
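        <t>Added example, not part of the specification text or of any project's code: the Prepare, Blind, BlindSign, Finalize, and verification steps of this section in Python for the SHA-384 variants. Assumptions: the key is a constructed toy key built from two Mersenne primes and is not secure; EMSA-PSS-ENCODE is called with bit_len(n) - 1, the emBits value that RSASSA-PSS-VERIFY in RFC 8017 uses; helper names such as pss_verify and run_protocol are illustrative.</t>
        <sourcecode type="python"><![CDATA[
```python
import hashlib
import secrets
from math import gcd

H_LEN = 48  # SHA-384 digest length in bytes

def sha384(data: bytes) -> bytes:
    return hashlib.sha384(data).digest()

def mgf1(seed: bytes, length: int) -> bytes:
    """MGF1 with SHA-384 (RFC 8017, Appendix B.2.1)."""
    blocks = (length + H_LEN - 1) // H_LEN
    return b"".join(sha384(seed + i.to_bytes(4, "big")) for i in range(blocks))[:length]

def xor(a: bytes, b: bytes) -> bytearray:
    return bytearray(x ^ y for x, y in zip(a, b))

def emsa_pss_encode(msg: bytes, em_bits: int, s_len: int) -> bytes:
    """EMSA-PSS-ENCODE (RFC 8017, Section 9.1.1) with a fresh random salt."""
    em_len = (em_bits + 7) // 8
    if em_len < H_LEN + s_len + 2:
        raise ValueError("encoding error")
    salt = secrets.token_bytes(s_len)
    h = sha384(bytes(8) + sha384(msg) + salt)
    db = bytes(em_len - s_len - H_LEN - 2) + b"\x01" + salt
    masked = xor(db, mgf1(h, len(db)))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)  # clear the unused leading bits
    return bytes(masked) + h + b"\xbc"

def emsa_pss_verify(msg: bytes, em: bytes, em_bits: int, s_len: int) -> bool:
    """EMSA-PSS-VERIFY (RFC 8017, Section 9.1.2)."""
    em_len = (em_bits + 7) // 8
    top_mask = 0xFF >> (8 * em_len - em_bits)
    pad_len = em_len - H_LEN - s_len - 2
    if len(em) != em_len or pad_len < 0 or em[-1] != 0xBC or em[0] & ~top_mask & 0xFF:
        return False
    masked, h = em[:-H_LEN - 1], em[-H_LEN - 1:-1]
    db = xor(masked, mgf1(h, len(masked)))
    db[0] &= top_mask
    if db[:pad_len] != bytes(pad_len) or db[pad_len] != 1:
        return False
    return secrets.compare_digest(h, sha384(bytes(8) + sha384(msg) + bytes(db[pad_len + 1:])))

def prepare_randomize(msg: bytes) -> bytes:
    return secrets.token_bytes(32) + msg  # input_msg = msg_prefix || msg

def blind(pk, input_msg: bytes, s_len: int):
    n, e = pk
    # Assumption of this example: emBits = bit_len(n) - 1, as RSASSA-PSS uses in RFC 8017.
    m = int.from_bytes(emsa_pss_encode(input_msg, n.bit_length() - 1, s_len), "big")
    if gcd(m, n) != 1:
        raise ValueError("invalid input")
    r = 1 + secrets.randbelow(n - 1)  # uniform in [1, n)
    try:
        inv = pow(r, -1, n)
    except ValueError:
        raise ValueError("blinding error") from None
    z = m * pow(r, e, n) % n  # m * RSAVP1(pk, r) mod n
    return z.to_bytes((n.bit_length() + 7) // 8, "big"), inv

def blind_sign(sk, blinded_msg: bytes) -> bytes:
    n, e, d = sk
    m = int.from_bytes(blinded_msg, "big")
    if m >= n:
        raise ValueError("message representative out of range")
    s = pow(m, d, n)  # RSASP1(sk, m)
    if pow(s, e, n) != m:  # re-check the result, the fault-attack safeguard
        raise ValueError("signing failure")
    return s.to_bytes((n.bit_length() + 7) // 8, "big")

def pss_verify(pk, input_msg: bytes, sig: bytes, s_len: int) -> bool:
    """RSASSA-PSS-VERIFY (RFC 8017, Section 8.1.2)."""
    n, e = pk
    k, em_bits, s = (n.bit_length() + 7) // 8, n.bit_length() - 1, int.from_bytes(sig, "big")
    if len(sig) != k or s >= n or (m := pow(s, e, n)).bit_length() > em_bits:
        return False
    return emsa_pss_verify(input_msg, m.to_bytes((em_bits + 7) // 8, "big"), em_bits, s_len)

def finalize(pk, input_msg: bytes, blind_sig: bytes, inv: int, s_len: int) -> bytes:
    n, k = pk[0], (pk[0].bit_length() + 7) // 8
    if len(blind_sig) != k:
        raise ValueError("unexpected input size")
    sig = (int.from_bytes(blind_sig, "big") * inv % n).to_bytes(k, "big")
    if not pss_verify(pk, input_msg, sig, s_len):
        raise ValueError("invalid signature")
    return sig

# Constructed toy key (NOT secure): the modulus is the product of the Mersenne
# primes 2^521 - 1 and 2^607 - 1, chosen only so the example needs no key generation.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
PK = (P * Q, E)
SK = (P * Q, E, pow(E, -1, (P - 1) * (Q - 1)))

def run_protocol(msg: bytes, s_len: int = 48):
    input_msg = prepare_randomize(msg)  # client
    blinded_msg, inv = blind(PK, input_msg, s_len)  # client
    blind_sig = blind_sign(SK, blinded_msg)  # server: sees only blinded_msg
    return input_msg, finalize(PK, input_msg, blind_sig, inv, s_len)  # client
```
]]></sourcecode>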
      </section>
    </section>
    <section anchor="rsabssa">
      <name>RSABSSA Variants</name>
      <t>In this section, we define different named variants of RSABSSA. Each variant specifies
EMSA-PSS options Hash, MGF, and sLen as defined in <xref section="9.1.1" sectionFormat="of" target="RFC8017"/>, as well as
the type of message preparation function applied (as described in <xref target="randomization"/>).
Each variant uses the mask generation function 1 (MGF1) defined in <xref section="B.2.1." sectionFormat="of" target="RFC8017"/>.
Future specifications can introduce other variants as desired. The named variants are as follows:</t>
      <dl spacing="normal"><dt>RSABSSA-SHA384-PSS-Randomized:</dt><dd>This named variant uses SHA-384 as the EMSA-PSS Hash option,
MGF1 with SHA-384 as the EMSA-PSS MGF option, and 48 as the EMSA-PSS sLen option (48-byte salt length); it also uses
the randomized preparation function (PrepareRandomize).</dd>
        <dt>RSABSSA-SHA384-PSSZERO-Randomized:</dt><dd>This named variant uses SHA-384 as the EMSA-PSS Hash option,
MGF1 with SHA-384 as the EMSA-PSS MGF option, and 0 as the EMSA-PSS sLen option (0-byte salt length); it also uses
the randomized preparation function (PrepareRandomize).</dd>
        <dt>RSABSSA-SHA384-PSS-Deterministic:</dt><dd>This named variant uses SHA-384 as the EMSA-PSS Hash option,
MGF1 with SHA-384 as the EMSA-PSS MGF option, and 48 as the EMSA-PSS sLen option (48-byte salt length); it also uses
the identity preparation function (PrepareIdentity).</dd>
        <dt>RSABSSA-SHA384-PSSZERO-Deterministic:</dt><dd>This named variant uses SHA-384 as the EMSA-PSS Hash option,
MGF1 with SHA-384 as the EMSA-PSS MGF option, and 0 as the EMSA-PSS sLen option (0-byte salt length); it also uses
the identity preparation function (PrepareIdentity). This is the only variant that
produces deterministic signatures over the client's input message <tt>msg</tt>.</dd>
      </dl>
      <t>The <bcp14>RECOMMENDED</bcp14> variants are RSABSSA-SHA384-PSS-Randomized or RSABSSA-SHA384-PSSZERO-Randomized.</t>
      <t>Not all named variants can be used interchangeably. In particular, applications that provide
high-entropy input messages can safely use named variants without randomized message preparation,
as the additional message randomization does not offer security advantages. See <xref target="Lys22"/> and
<xref target="message-entropy"/> for more information. For all other applications, the variants that use the
randomized preparation function protect clients from malicious signers. A
verifier that accepts randomized messages needs to remove the random component from the signed
part of messages before processing.</t>
      <t>Applications that require deterministic signatures can use the RSABSSA-SHA384-PSSZERO-Deterministic
variant, but only if their input messages have high entropy. Applications that use
RSABSSA-SHA384-PSSZERO-Deterministic <bcp14>SHOULD</bcp14> carefully analyze the security implications,
taking into account the possibility of adversarially generated signer keys as described in
<xref target="message-entropy"/>. When it is not clear whether an application requires deterministic or
randomized signatures, applications <bcp14>SHOULD</bcp14> use one of the variants with randomized message preparation.</t>
    </section>
    <section anchor="implementation-and-usage-considerations">
      <name>Implementation and Usage Considerations</name>
      <t>This section documents considerations for interfaces to implementations of the protocol defined
in this document. This includes error handling and API considerations.</t>
      <section anchor="errors">
        <name>Errors</name>
        <t>The high-level functions specified in <xref target="core-protocol"/> are all fallible. The explicit errors
generated throughout this specification, along with the conditions that lead to each error,
are listed in the definitions for Blind, BlindSign, and Finalize.
These errors are meant as a guide for implementors. They are not an exhaustive list of all
the errors an implementation might emit. For example, implementations might run out of memory.</t>
        <t>Moreover, implementations can handle errors as needed or desired. Where applicable, this document
provides guidance for how to deal with explicit errors that are generated in the protocol. For
example, a "blinding error" error is generated in Blind when the client produces a prime factor of
the server's public key. <xref target="blind"/> indicates that implementations <bcp14>SHOULD</bcp14>
retry the Blind function when this error occurs, but an implementation could also handle this
exceptional event differently, e.g., by informing the server that the key has been factored.</t>
      </section>
      <section anchor="cert-oid">
        <name>Signing Key Generation and Usage</name>
        <t>The <bcp14>RECOMMENDED</bcp14> method for generating the server signing key pair is as specified in FIPS 186-5
<xref target="DSS"/>.</t>
        <t>A server signing key <bcp14>MUST NOT</bcp14> be reused for any other protocol beyond RSABSSA. Moreover, a
server signing key <bcp14>MUST NOT</bcp14> be reused for different RSABSSA encoding options. That is,
if a server supports two different encoding options, then it <bcp14>MUST</bcp14> have a distinct key
pair for each option.</t>
        <t>If the server public key is carried in an X.509 certificate, it <bcp14>MUST</bcp14> use the id-RSASSA-PSS
OID <xref target="RFC5756"/>. It <bcp14>MUST NOT</bcp14> use the rsaEncryption OID <xref target="RFC5280"/>.</t>
      </section>
    </section>
    <section anchor="sec-considerations">
      <name>Security Considerations</name>
      <t>Lysyanskaya proved one-more-forgery polynomial security of RSABSSA variants in the random
oracle model under the one-more-RSA assumption; see <xref target="Lys22"/>. This means the adversary
cannot output n+1 valid message and signature tuples, where all messages are distinct, after
interacting with the server (signer) as a client only n times, for some n that is polynomial
in the protocol's security parameter.
Lysyanskaya also proved that the RSABSSA variants, which use the PrepareRandomize function,
achieve blindness (see version B of the protocol and related proofs in <xref target="Lys22"/>). Blindness means that the malicious signer learns nothing
about the client input and output after the protocol execution. However, additional assumptions on the message
inputs are required for blindness to hold for RSABSSA variants that use the PrepareIdentity
function; see <xref target="message-entropy"/> for more discussion on those results.</t>
      <section anchor="timing-side-channels-and-fault-attacks">
        <name>Timing Side Channels and Fault Attacks</name>
        <t>BlindSign is functionally a remote procedure call for applying the RSA private
key operation. As such, side-channel resistance is paramount to protect the private key
from exposure <xref target="RemoteTimingAttacks"/>. Implementations <bcp14>SHOULD</bcp14> implement some form of
side-channel attack mitigation, such as RSA blinding as described in Section 10 of
<xref target="TimingAttacks"/>. Failure to apply such mitigations can
lead to side-channel attacks that leak the private signing key.</t>
        <t>Moreover, we assume that the server does not initiate the protocol and therefore has
no knowledge of when the Prepare and Blind operations take place. If this were not the
case, additional side-channel mitigations might be required to prevent timing side
channels through Prepare and Blind.</t>
        <t>Beyond timing side channels, <xref target="FAULTS"/> describes the importance
of implementation safeguards that protect against fault attacks that can also leak the
private signing key. These safeguards require that implementations check that the result
of the private key operation when signing is correct, i.e., given s = RSASP1(sk, m),
verify that m = RSAVP1(pk, s), as is required by BlindSign. Applying this (or an equivalent)
safeguard is necessary to mitigate fault attacks, even for implementations that are not
based on the Chinese remainder theorem.</t>
      </section>
      <section anchor="message-robustness">
        <name>Message Robustness</name>
        <t>An essential property of blind signature protocols is that the signer learns nothing of the message
being signed. In some circumstances, this may raise concerns regarding arbitrary signing oracles. Applications
using blind signature protocols should take precautions to ensure that such oracles do not cause
cross-protocol attacks. Ensuring that the signing key used for RSABSSA is distinct from other protocols
prevents such cross-protocol attacks.</t>
        <t>An alternative solution to this problem of message blindness is to give signers proof that the
message being signed is well structured. Depending on the application, zero-knowledge proofs
could be useful for this purpose. Defining such proofs is out of scope for this document.</t>
        <t>Verifiers should check that, in addition to signature validity, the signed message is
well structured for the relevant application. For example, if an application of this protocol
requires messages to be structures of a particular form, then verifiers should check that
messages adhere to this form.</t>
      </section>
      <section anchor="message-entropy">
        <name>Message Entropy</name>
        <t>As discussed in <xref target="Lys22"/>, a malicious signer can construct an invalid public key and use
it to learn information about low-entropy input messages. Note that some invalid public
keys may not yield valid signatures when run with the protocol, e.g., because the signature
fails to verify. However, if an attacker can coerce the client to use these invalid public
keys with low-entropy inputs, they can learn information about the client inputs before
the protocol completes.</t>
        <t>A client that uses this protocol might be vulnerable to attack from a malicious signer
unless it is able to ensure that one of the following conditions is satisfied:</t>
        <ol spacing="normal" type="(%d)"><li>The client has proof that the signer's public key is honestly generated. <xref target="GRSB19"/> presents
  some (non-interactive) honest-verifier zero-knowledge proofs of various statements about the
  public key.</li>
          <li>The input message has a value that the signer is unable to guess. That is, the client has
  added a high-entropy component that was not available to the signer prior to them choosing
  their signing key.</li>
        </ol>
        <t>The named variants that use the PrepareRandomize function -- RSABSSA-SHA384-PSS-Randomized and
RSABSSA-SHA384-PSSZERO-Randomized -- explicitly inject fresh entropy alongside each message
to satisfy condition (2). As such, these variants are safe for all application use cases. In contrast, the named variants that use the PrepareIdentity function do not inject fresh entropy and therefore could be a problem with low-entropy inputs.</t>
        <t>Note that these variants effectively mean that the resulting signature is always randomized.
As such, this interface is not suitable for applications that require deterministic signatures.</t>
      </section>
      <section anchor="randomness-generation">
        <name>Randomness Generation</name>
        <t>All random values in the protocol, including the salt, message randomizer prefix (msg_prefix; see <xref target="test-vectors"/>), and random blind
value in <tt>Blind</tt>, <bcp14>MUST</bcp14> be generated from a cryptographically secure random number generator <xref target="RFC4086"/>.
If these values are not generated randomly or are otherwise constructed maliciously, it might be
possible for them to encode information that is not present in the signed message. For example,
the PSS salt might be maliciously constructed to encode the local IP address of the client. As a result,
implementations <bcp14>SHOULD NOT</bcp14> allow clients to provide these values directly.</t>
        <t>Note that malicious implementations could also encode client information in the message being signed,
but since clients can verify the resulting message signature using the public key, this can be detected.</t>
      </section>
      <section anchor="key-substitution-attacks">
        <name>Key Substitution Attacks</name>
        <t>RSA is well known for permitting key substitution attacks, wherein an attacker generates a key pair
(skA, pkA) that verifies some known (message, signature) pair produced under a different (sk, pk)
key pair <xref target="WM99"/>. This means it may be possible for an attacker to use a (message, signature) pair
from one context in another. Entities that verify signatures must take care to ensure that a
(message, signature) pair verifies with a valid public key from the expected issuer.</t>
      </section>
      <section anchor="alternative-rsa-encoding-functions">
        <name>Alternative RSA Encoding Functions</name>
        <t>This document uses PSS encoding as specified in <xref target="RFC8017"/> for a number of
reasons. First, it is recommended in recent standards, including TLS 1.3 <xref target="RFC8446"/>,
X.509 <xref target="RFC4055"/>, and even PKCS #1 itself. According to <xref target="RFC8017"/>,
"Although no attacks are known against RSASSA-PKCS1-v1_5, in the interest of increased robustness,
RSASSA-PSS is <bcp14>REQUIRED</bcp14> in new applications." While RSA-PSS is
more complex than RSASSA-PKCS1-v1_5 encoding, ubiquity of RSA-PSS support influenced
the design decision in this document, despite PKCS #1 v1.5 having equivalent security
properties for digital signatures <xref target="JKM18"/>.</t>
        <t>Full Domain Hash (FDH) <xref target="RSA-FDH"/> encoding is also possible. This variant provides
security equivalent to that of PSS <xref target="KK18"/>. However, FDH is
less standard and is not used widely in related technologies. Moreover, FDH is
deterministic, whereas PSS supports deterministic and probabilistic encodings.</t>
      </section>
      <section anchor="post-quantum-readiness">
        <name>Post-Quantum Readiness</name>
        <t>The blind signature protocol specified in this document is not post-quantum ready, since it
is based on RSA. Shor's polynomial-time factorization algorithm readily applies.</t>
      </section>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <t>This document has no IANA actions.</t>
    </section>
  </middle>
  <back>

<displayreference target="I-D.irtf-cfrg-voprf" to="VOPRF"/>
<displayreference target="I-D.ietf-privacypass-protocol" to="PRIVACY-PASS"/>

    <references>
      <name>References</name>
      <references>
        <name>Normative References</name>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
        <reference anchor="RFC8017">
          <front>
            <title>PKCS #1: RSA Cryptography Specifications Version 2.2</title>
            <author fullname="K. Moriarty" initials="K." role="editor" surname="Moriarty"/>
            <author fullname="B. Kaliski" initials="B." surname="Kaliski"/>
            <author fullname="J. Jonsson" initials="J." surname="Jonsson"/>
            <author fullname="A. Rusch" initials="A." surname="Rusch"/>
            <date month="November" year="2016"/>
            <abstract>
              <t>This document provides recommendations for the implementation of public-key cryptography based on the RSA algorithm, covering cryptographic primitives, encryption schemes, signature schemes with appendix, and ASN.1 syntax for representing keys and for identifying the schemes.</t>
              <t>This document represents a republication of PKCS #1 v2.2 from RSA Laboratories' Public-Key Cryptography Standards (PKCS) series. By publishing this RFC, change control is transferred to the IETF.</t>
              <t>This document also obsoletes RFC 3447.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8017"/>
          <seriesInfo name="DOI" value="10.17487/RFC8017"/>
        </reference>
        <reference anchor="RFC5756">
          <front>
            <title>Updates for RSAES-OAEP and RSASSA-PSS Algorithm Parameters</title>
            <author fullname="S. Turner" initials="S." surname="Turner"/>
            <author fullname="D. Brown" initials="D." surname="Brown"/>
            <author fullname="K. Yiu" initials="K." surname="Yiu"/>
            <author fullname="R. Housley" initials="R." surname="Housley"/>
            <author fullname="T. Polk" initials="T." surname="Polk"/>
            <date month="January" year="2010"/>
            <abstract>
              <t>This document updates RFC 4055. It updates the conventions for using the RSA Encryption Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP) key transport algorithm in the Internet X.509 Public Key Infrastructure (PKI). Specifically, it updates the conventions for algorithm parameters in an X.509 certificate's subjectPublicKeyInfo field. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="5756"/>
          <seriesInfo name="DOI" value="10.17487/RFC5756"/>
        </reference>


      </references>
      <references>
        <name>Informative References</name>

        <reference anchor="GoogleVPN" target="https://one.google.com/about/vpn/howitworks">
          <front>
            <title>VPN by Google One, explained</title>
            <author>
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>

        <reference anchor="ApplePrivateRelay" target="https://www.apple.com/icloud/docs/iCloud_Private_Relay_Overview_Dec2021.pdf">
          <front>
            <title>iCloud Private Relay Overview</title>
            <author>
              <organization/>
            </author>
            <date month="December" year="2021"/>
          </front>
        </reference>

        <reference anchor="PrettyGoodPhonePrivacy" target="https://www.usenix.org/conference/usenixsecurity21/presentation/schmitt">
          <front>
            <title>Pretty Good Phone Privacy</title>
            <author initials="P." surname="Schmitt">
              <organization/>
            </author>
            <author initials="B." surname="Raghavan">
              <organization/>
            </author>
            <date month="August" year="2021"/>
          </front>
          <refcontent>Proceedings of the 30th USENIX Security Symposium</refcontent>
        </reference>

        <reference anchor="WM99" target="https://link.springer.com/chapter/10.1007/3-540-49162-7_12">
          <front>
            <title>Unknown Key-Share Attacks on the Station-to-Station (STS) Protocol</title>
            <author initials="S." surname="Blake-Wilson">
              <organization/>
            </author>
            <author initials="A." surname="Menezes">
              <organization/>
            </author>
            <date year="1999" month="October"/>
          </front>
          <refcontent>International Workshop on Public Key Cryptography, PKC 1999, pp. 154-170</refcontent>
          <seriesInfo name="DOI" value="10.1007/3-540-49162-7_12"/>
        </reference>
        <reference anchor="KLRX20" target="https://eprint.iacr.org/2020/1071">
          <front>
            <title>On Pairing-Free Blind Signature Schemes in the Algebraic Group Model</title>
            <author initials="J." surname="Kastner">
              <organization/>
            </author>
            <author initials="J." surname="Loss">
              <organization/>
            </author>
            <author initials="M." surname="Rosenberg">
              <organization/>
            </author>
            <author initials="J." surname="Xu">
              <organization/>
            </author>
            <date year="2020" month="September"/>
          </front>
        </reference>

        <reference anchor="JKK14" target="https://eprint.iacr.org/2014/650">
          <front>
            <title>Round-Optimal Password-Protected Secret Sharing and T-PAKE in the Password-Only Model</title>
            <author initials="S." surname="Jarecki">
              <organization>UC Irvine, CA, USA</organization>
            </author>
            <author initials="A." surname="Kiayias">
              <organization>University of Athens, Greece</organization>
            </author>
            <author initials="H." surname="Krawczyk">
              <organization>IBM Research, NY, USA</organization>
            </author>
            <date year="2014" month="August"/>
          </front>
        </reference>

        <reference anchor="Lys22" target="https://eprint.iacr.org/2022/895">
          <front>
            <title>Security Analysis of RSA-BSSA</title>
            <author initials="A." surname="Lysyanskaya">
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="BLS-Proposal" target="https://mailarchive.ietf.org/arch/msg/privacy-pass/BDOOhSLwB3uUJcfBiss6nUF5sUA/">
          <front>
            <title>[Privacy-pass] External verifiability: a concrete proposal</title>
            <author initials="W." surname="Ladd">
              <organization/>
            </author>
            <date year="2020" month="July"/>
          </front>
        </reference>
        <reference anchor="PolytimeROS" target="https://eprint.iacr.org/2020/945">
          <front>
            <title>On the (in)security of ROS</title>
            <author initials="F." surname="Benhamouda">
              <organization/>
            </author>
            <author initials="T." surname="Lepoint">
              <organization/>
            </author>
            <author initials="J." surname="Loss">
              <organization/>
            </author>
            <author initials="M." surname="Orru">
              <organization/>
            </author>
            <author initials="M." surname="Raykova">
              <organization/>
            </author>
            <date month="March" year="2023"/>
          </front>
        </reference>

        <reference anchor="RSA-FDH" target="https://dl.acm.org/doi/abs/10.1145/168588.168596">
          <front>
            <title>Random oracles are practical: a paradigm for designing efficient protocols</title>
            <author initials="M." surname="Bellare">
              <organization/>
            </author>
            <author initials="P." surname="Rogaway">
              <organization/>
            </author>
            <date year="1993" month="December"/>
          </front>
          <refcontent>CCS '93: Proceedings of the 1st ACM conference on Computer and communications security, pp. 62-73</refcontent>
          <seriesInfo name="DOI" value="10.1145/168588.168596"/>
        </reference>
        <reference anchor="Chaum83" target="https://sceweb.sce.uhcl.edu/yang/teaching/csci5234WebSecurityFall2011/Chaum-blind-signatures.PDF">
          <front>
            <title>Blind Signatures for Untraceable Payments</title>
            <author initials="D." surname="Chaum">
              <organization>University of California, Santa Barbara, USA</organization>
            </author>
            <date year="1998"/>
          </front>
          <refcontent>Springer-Verlag</refcontent>
        </reference>

        <reference anchor="RemoteTimingAttacks" target="https://www.usenix.org/legacy/events/sec03/tech/brumley/brumley.pdf">
          <front>
            <title>Remote Timing Attacks are Practical</title>
            <author initials="D." surname="Brumley">
              <organization>Stanford University</organization>
            </author>
            <author initials="D." surname="Boneh">
              <organization>Stanford University</organization>
            </author>
            <date year="2003" month="August"/>
          </front>
          <refcontent>Proceedings of the 12th USENIX Security Symposium</refcontent>
        </reference>

        <reference anchor="TZ22" target="https://eprint.iacr.org/2022/047">
          <front>
            <title>Short Pairing-Free Blind Signatures with Exponential Security</title>
            <author initials="S." surname="Tessaro">
              <organization>University of Washington</organization>
            </author>
            <author initials="C." surname="Zhu">
              <organization>University of Washington</organization>
            </author>
            <date year="2022" month="January"/>
          </front>
        </reference>
        <reference anchor="UProve" target="https://www.microsoft.com/en-us/research/project/u-prove/">
          <front>
            <title>U-Prove</title>
            <author initials="" surname="Microsoft">
              <organization>Microsoft</organization>
            </author>
            <date year="2012" month="February"/>
          </front>
        </reference>
        <reference anchor="GRSB19" target="https://eprint.iacr.org/2018/057.pdf">
          <front>
            <title>Efficient Noninteractive Certification of RSA Moduli and Beyond</title>
            <author initials="S." surname="Goldberg">
              <organization/>
            </author>
            <author initials="L." surname="Reyzin">
              <organization/>
            </author>
            <author initials="O." surname="Sagga">
              <organization/>
            </author>
            <author initials="F." surname="Baldimtsi">
              <organization/>
            </author>
            <date year="2019" month="October"/>
          </front>
        </reference>
        <reference anchor="VOPRF">
          <front>
            <title>Oblivious Pseudorandom Functions (OPRFs) using Prime-Order Groups</title>
            <author fullname="Alex Davidson" initials="A." surname="Davidson">
              <organization>Brave Software</organization>
            </author>
            <author fullname="Armando Faz-Hernandez" initials="A." surname="Faz-Hernandez">
              <organization>Cloudflare, Inc.</organization>
            </author>
            <author fullname="Nick Sullivan" initials="N." surname="Sullivan">
              <organization>Cloudflare, Inc.</organization>
            </author>
            <author fullname="Christopher A. Wood" initials="C. A." surname="Wood">
              <organization>Cloudflare, Inc.</organization>
            </author>
            <date day="21" month="February" year="2023"/>
            <abstract>
              <t>   An Oblivious Pseudorandom Function (OPRF) is a two-party protocol
   between client and server for computing the output of a Pseudorandom
   Function (PRF).  The server provides the PRF private key, and the
   client provides the PRF input.  At the end of the protocol, the
   client learns the PRF output without learning anything about the PRF
   private key, and the server learns neither the PRF input nor output.
   An OPRF can also satisfy a notion of 'verifiability', called a VOPRF.
   A VOPRF ensures clients can verify that the server used a specific
   private key during the execution of the protocol.  A VOPRF can also
   be partially-oblivious, called a POPRF.  A POPRF allows clients and
   servers to provide public input to the PRF computation.  This
   document specifies an OPRF, VOPRF, and POPRF instantiated within
   standard prime-order groups, including elliptic curves.  This
   document is a product of the Crypto Forum Research Group (CFRG) in
   the IRTF.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-irtf-cfrg-voprf-21"/>
        </reference>
        <reference anchor="PRIVACY-PASS">
          <front>
            <title>Privacy Pass Issuance Protocol</title>
            <author fullname="Sofia Celi" initials="S." surname="Celi">
              <organization>Brave Software</organization>
            </author>
            <author fullname="Alex Davidson" initials="A." surname="Davidson">
              <organization>Brave Software</organization>
            </author>
            <author fullname="Steven Valdez" initials="S." surname="Valdez">
              <organization>Google LLC</organization>
            </author>
            <author fullname="Christopher A. Wood" initials="C. A." surname="Wood">
              <organization>Cloudflare</organization>
            </author>
            <date day="26" month="June" year="2023"/>
            <abstract>
              <t>   This document specifies two variants of the two-message issuance
   protocol for Privacy Pass tokens: one that produces tokens that are
   privately verifiable using the issuance private key, and another that
   produces tokens that are publicly verifiable using the issuance
   public key.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-privacypass-protocol-11"/>
        </reference>

        <reference anchor="DSS" target="https://doi.org/10.6028/NIST.FIPS.186-5">
          <front>
            <title>Digital Signature Standard (DSS)</title>
            <author>
              <organization/>
            </author>
            <date month="February" year="2023"/>
          </front>
          <refcontent>National Institute of Standards and Technology report</refcontent>
          <seriesInfo name="DOI" value="10.6028/nist.fips.186-5"/>
        </reference>
        <reference anchor="RFC5280">
          <front>
            <title>Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile</title>
            <author fullname="D. Cooper" initials="D." surname="Cooper"/>
            <author fullname="S. Santesson" initials="S." surname="Santesson"/>
            <author fullname="S. Farrell" initials="S." surname="Farrell"/>
            <author fullname="S. Boeyen" initials="S." surname="Boeyen"/>
            <author fullname="R. Housley" initials="R." surname="Housley"/>
            <author fullname="W. Polk" initials="W." surname="Polk"/>
            <date month="May" year="2008"/>
            <abstract>
              <t>This memo profiles the X.509 v3 certificate and X.509 v2 certificate revocation list (CRL) for use in the Internet. An overview of this approach and model is provided as an introduction. The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms. Standard certificate extensions are described and two Internet-specific extensions are defined. A set of required certificate extensions is specified. The X.509 v2 CRL format is described in detail along with standard and Internet-specific extensions. An algorithm for X.509 certification path validation is described. An ASN.1 module and examples are provided in the appendices. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="5280"/>
          <seriesInfo name="DOI" value="10.17487/RFC5280"/>
        </reference>

        <reference anchor="TimingAttacks">
          <front>
            <title>Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems</title>
            <author fullname="Paul C. Kocher" initials="P. C." surname="Kocher">
              <organization/>
            </author>
            <date year="1996"/>
          </front>
          <refcontent>Advances in Cryptology - CRYPTO '96, pp. 104-113</refcontent>
          <seriesInfo name="DOI" value="10.1007/3-540-68697-5_9"/>
        </reference>

        <reference anchor="FAULTS">
          <front>
            <title>On the Importance of Checking Cryptographic Protocols for Faults</title>
            <author fullname="Dan Boneh" initials="D." surname="Boneh">
              <organization/>
            </author>
            <author fullname="Richard A. DeMillo" initials="R. A." surname="DeMillo">
              <organization/>
            </author>
            <author fullname="Richard J. Lipton" initials="R. J." surname="Lipton">
              <organization/>
            </author>
            <date year="1997"/>
          </front>
          <refcontent>Advances in Cryptology - EUROCRYPT '97, pp. 37-51</refcontent>
          <seriesInfo name="DOI" value="10.1007/3-540-69053-0_4"/>
        </reference>


        <reference anchor="RFC4086">
          <front>
            <title>Randomness Requirements for Security</title>
            <author fullname="D. Eastlake 3rd" initials="D." surname="Eastlake 3rd"/>
            <author fullname="J. Schiller" initials="J." surname="Schiller"/>
            <author fullname="S. Crocker" initials="S." surname="Crocker"/>
            <date month="June" year="2005"/>
            <abstract>
              <t>Security systems are built on strong cryptographic algorithms that foil pattern analysis attempts. However, the security of these systems is dependent on generating secret quantities for passwords, cryptographic keys, and similar quantities. The use of pseudo-random processes to generate secret quantities can result in pseudo-security. A sophisticated attacker may find it easier to reproduce the environment that produced the secret quantities and to search the resulting small set of possibilities than to locate the quantities in the whole of the potential number space.</t>
              <t>Choosing random quantities to foil a resourceful and motivated adversary is surprisingly difficult. This document points out many pitfalls in using poor entropy sources or traditional pseudo-random number generation techniques for generating such quantities. It recommends the use of truly random hardware techniques and shows that the existing hardware on many systems can be used for this purpose. It provides suggestions to ameliorate the problem when a hardware solution is not available, and it gives examples of how large such quantities need to be for some applications. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="106"/>
          <seriesInfo name="RFC" value="4086"/>
          <seriesInfo name="DOI" value="10.17487/RFC4086"/>
        </reference>
        <reference anchor="RFC8446">
          <front>
            <title>The Transport Layer Security (TLS) Protocol Version 1.3</title>
            <author fullname="E. Rescorla" initials="E." surname="Rescorla"/>
            <date month="August" year="2018"/>
            <abstract>
              <t>This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.</t>
              <t>This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8446"/>
          <seriesInfo name="DOI" value="10.17487/RFC8446"/>
        </reference>
        <reference anchor="RFC4055">
          <front>
            <title>Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile</title>
            <author fullname="J. Schaad" initials="J." surname="Schaad"/>
            <author fullname="B. Kaliski" initials="B." surname="Kaliski"/>
            <author fullname="R. Housley" initials="R." surname="Housley"/>
            <date month="June" year="2005"/>
            <abstract>
              <t>This document supplements RFC 3279. It describes the conventions for using the RSA Probabilistic Signature Scheme (RSASSA-PSS) signature algorithm, the RSA Encryption Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP) key transport algorithm and additional one-way hash functions with the Public-Key Cryptography Standards (PKCS) #1 version 1.5 signature algorithm in the Internet X.509 Public Key Infrastructure (PKI). Encoding formats, algorithm identifiers, and parameter formats are specified. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="4055"/>
          <seriesInfo name="DOI" value="10.17487/RFC4055"/>
        </reference>
        <reference anchor="JKM18" target="https://eprint.iacr.org/2018/855">
          <front>
            <title>On the Security of the PKCS#1 v1.5 Signature Scheme</title>
            <author fullname="Tibor Jager" initials="T." surname="Jager">
              <organization>Paderborn University, Paderborn, Germany</organization>
            </author>
            <author fullname="Saqib A. Kakvi" initials="S. A." surname="Kakvi">
              <organization>Paderborn University, Paderborn, Germany</organization>
            </author>
            <author fullname="Alexander May" initials="A." surname="May">
              <organization>Ruhr-University Bochum, Bochum, Germany</organization>
            </author>
            <date month="September" year="2018"/>
          </front>
          <refcontent>Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1195-1208</refcontent>
          <seriesInfo name="DOI" value="10.1145/3243734.3243798"/>
        </reference>

        <reference anchor="KK18">
          <front>
            <title>Optimal Security Proofs for Full Domain Hash, Revisited</title>
            <author fullname="Saqib A. Kakvi" initials="S. A." surname="Kakvi">
              <organization/>
            </author>
            <author fullname="Eike Kiltz" initials="E." surname="Kiltz">
              <organization/>
            </author>
            <date month="April" year="2017"/>
          </front>
          <refcontent>Journal of Cryptology, vol. 31, no. 1, pp. 276-306</refcontent>
          <seriesInfo name="DOI" value="10.1007/s00145-017-9257-9"/>
        </reference>
      </references>
    </references>
    <?line 655?>

<section anchor="test-vectors">
      <name>Test Vectors</name>
      <t>This section includes test vectors for the blind signature protocol defined in <xref target="core-protocol"/>.
The following parameters are specified for each test vector:</t>
      <dl spacing="normal">
        <dt>p, q, n, e, d:</dt><dd>RSA private and public key (sk and pk) parameters, each encoded as a hexadecimal string.</dd>
        <dt>msg:</dt><dd>Input message being signed, encoded as a hexadecimal string. The hash is computed using SHA-384.</dd>
        <dt>msg_prefix:</dt><dd>Message randomizer prefix, encoded as a hexadecimal string. This is only present for variants
that use the randomization preparation function.</dd>
        <dt>prepared_msg:</dt><dd>The message actually signed. If the variant does not use the randomization preparation
function, this is equal to msg.</dd>
        <dt>salt:</dt><dd>Randomly generated salt used when computing the signature. The length is either 48 or 0 bytes.</dd>
        <dt>encoded_msg:</dt><dd>EMSA-PSS encoded message. The mask generation function is MGF1 with SHA-384.</dd>
        <dt>inv:</dt><dd>The message blinding inverse, encoded as a hexadecimal string.</dd>
        <dt>blinded_msg, blind_sig:</dt><dd>The protocol values exchanged during the computation,
encoded as hexadecimal strings.</dd>
        <dt>sig:</dt><dd>The output message signature.</dd>
      </dl>
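      <t>The relationships among these fields can be checked mechanically. The Python below is an added example, not part of this specification or of any reference implementation: it parses a vector in the "name = hex" layout used in this appendix and tests each field against the key equation, the preparation step, the EMSA-PSS encoding, and the blind, sign, and finalize steps. The function names are hypothetical, and the sample vector is constructed at run time from a toy key built on the Mersenne primes 2^521 - 1 and 2^607 - 1, which is unsuitable for any real use.</t>
      <sourcecode type="python"><![CDATA[
```python
import hashlib, math, secrets, textwrap

H_LEN = 48  # SHA-384 output length in bytes

def sha384(data):
    return hashlib.sha384(data).digest()

def mgf1(seed, length):
    """MGF1 (RFC 8017, B.2.1) instantiated with SHA-384."""
    out = b""
    for counter in range(-(-length // H_LEN)):
        out += sha384(seed + counter.to_bytes(4, "big"))
    return out[:length]

def emsa_pss_encode(msg, em_bits, salt):
    """EMSA-PSS-ENCODE (RFC 8017, 9.1.1) with a caller-supplied salt."""
    em_len = (em_bits + 7) // 8
    if em_len < H_LEN + len(salt) + 2:
        raise ValueError("encoding error: modulus too short")
    h = sha384(b"\x00" * 8 + sha384(msg) + salt)
    db = b"\x00" * (em_len - len(salt) - H_LEN - 2) + b"\x01" + salt
    masked = bytearray(a ^ b for a, b in zip(db, mgf1(h, len(db))))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)  # clear the unused top bits
    return bytes(masked) + h + b"\xbc"

def parse_vector(text):
    """Parse 'name = hex' entries whose hex values wrap over several lines."""
    fields, name = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if "=" in line:
            name, _, value = (part.strip() for part in line.partition("="))
            fields[name] = value
        elif line and name is not None:
            fields[name] += line  # continuation of the previous value
    return fields

def check_vector(f):
    """Return the names of the consistency checks that fail (empty: all pass)."""
    num = lambda k: int(f[k], 16)
    raw = lambda k: bytes.fromhex(f.get(k, ""))  # absent field -> empty bytes
    p, q, n, e, d = (num(k) for k in ("p", "q", "n", "e", "d"))
    m, inv = num("encoded_msg"), num("inv")
    blinded, blind_sig, sig = num("blinded_msg"), num("blind_sig"), num("sig")
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    checks = {
        "n == p*q": n == p * q,
        "e*d == 1 mod lcm(p-1, q-1)": e * d % lam == 1,
        "prepared_msg == msg_prefix || msg":
            raw("prepared_msg") == raw("msg_prefix") + raw("msg"),
        "salt is 0 or 48 bytes": len(raw("salt")) in (0, 48),
        "encoded_msg == EMSA-PSS(prepared_msg, salt)":
            raw("encoded_msg") == emsa_pss_encode(
                raw("prepared_msg"), n.bit_length() - 1, raw("salt")),
        "blinded_msg * inv^e == encoded_msg":
            blinded * pow(inv, e, n) % n == m,
        "blind_sig^e == blinded_msg": pow(blind_sig, e, n) == blinded,
        "sig == blind_sig * inv": sig == blind_sig * inv % n,
        "sig^e == encoded_msg": pow(sig, e, n) == m,
    }
    return [name for name, ok in checks.items() if not ok]

def make_toy_vector(msg=b"constructed sample message"):
    """Build a constructed vector in the same text layout (toy key, not secure)."""
    p, q, e = 2**521 - 1, 2**607 - 1, 65537  # Mersenne primes: demo only
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1) // math.gcd(p - 1, q - 1))
    msg_prefix, salt = secrets.token_bytes(32), secrets.token_bytes(48)
    prepared_msg = msg_prefix + msg          # randomized preparation
    encoded_msg = emsa_pss_encode(prepared_msg, n.bit_length() - 1, salt)
    m = int.from_bytes(encoded_msg, "big")
    r = secrets.randbelow(n - 2) + 2         # blinding factor, 2 <= r < n
    inv = pow(r, -1, n)
    blinded_msg = m * pow(r, e, n) % n       # client: blind
    blind_sig = pow(blinded_msg, d, n)       # server: sign the blinded value
    sig = blind_sig * inv % n                # client: finalize (unblind)
    size = (n.bit_length() + 7) // 8
    values = dict(p=p, q=q, n=n, e=e, d=d, msg=msg, msg_prefix=msg_prefix,
                  prepared_msg=prepared_msg, salt=salt, encoded_msg=encoded_msg,
                  inv=inv, blinded_msg=blinded_msg, blind_sig=blind_sig, sig=sig)
    lines = []
    for name, v in values.items():
        data = v if isinstance(v, bytes) else v.to_bytes(size, "big")
        lines.append(f"{name} = " + "\n".join(textwrap.wrap(data.hex(), 68)))
    return "\n".join(lines)

if __name__ == "__main__":
    vector = parse_vector(make_toy_vector())
    print("failed checks:", check_vector(vector))
```
]]></sourcecode>
      <t>The same two calls, parse_vector followed by check_vector, accept the text of any vector in this appendix.</t>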
      <section anchor="rsabssa-sha384-pss-randomized-test-vector">
        <name>RSABSSA-SHA384-PSS-Randomized Test Vector</name>
        <sourcecode name="" type="test-vectors"><![CDATA[
p = e1f4d7a34802e27c7392a3cea32a262a34dc3691bd87f3f310dc756734889305
59c120fd0410194fb8a0da55bd0b81227e843fdca6692ae80e5a5d414116d4803fca
7d8c30eaaae57e44a1816ebb5c5b0606c536246c7f11985d731684150b63c9a3ad9e
41b04c0b5b27cb188a692c84696b742a80d3cd00ab891f2457443dadfeba6d6daf10
8602be26d7071803c67105a5426838e6889d77e8474b29244cefaf418e381b312048
b457d73419213063c60ee7b0d81820165864fef93523c9635c22210956e53a8d9632
2493ffc58d845368e2416e078e5bcb5d2fd68ae6acfa54f9627c42e84a9d3f277401
7e32ebca06308a12ecc290c7cd1156dcccfb2311
q = c601a9caea66dc3835827b539db9df6f6f5ae77244692780cd334a006ab353c8
06426b60718c05245650821d39445d3ab591ed10a7339f15d83fe13f6a3dfb20b945
2c6a9b42eaa62a68c970df3cadb2139f804ad8223d56108dfde30ba7d367e9b0a7a8
0c4fdba2fd9dde6661fc73fc2947569d2029f2870fc02d8325acf28c9afa19ecf962
daa7916e21afad09eb62fe9f1cf91b77dc879b7974b490d3ebd2e95426057f35d0a3
c9f45f79ac727ab81a519a8b9285932d9b2e5ccd347e59f3f32ad9ca359115e7da00
8ab7406707bd0e8e185a5ed8758b5ba266e8828f8d863ae133846304a2936ad7bc7c
9803879d2fc4a28e69291d73dbd799f8bc238385
n = aec4d69addc70b990ea66a5e70603b6fee27aafebd08f2d94cbe1250c556e047
a928d635c3f45ee9b66d1bc628a03bac9b7c3f416fe20dabea8f3d7b4bbf7f963be3
35d2328d67e6c13ee4a8f955e05a3283720d3e1f139c38e43e0338ad058a9495c533
77fc35be64d208f89b4aa721bf7f7d3fef837be2a80e0f8adf0bcd1eec5bb040443a
2b2792fdca522a7472aed74f31a1ebe1eebc1f408660a0543dfe2a850f106a617ec6
685573702eaaa21a5640a5dcaf9b74e397fa3af18a2f1b7c03ba91a6336158de420d
63188ee143866ee415735d155b7c2d854d795b7bc236cffd71542df34234221a0413
e142d8c61355cc44d45bda94204974557ac2704cd8b593f035a5724b1adf442e78c5
42cd4414fce6f1298182fb6d8e53cef1adfd2e90e1e4deec52999bdc6c29144e8d52
a125232c8c6d75c706ea3cc06841c7bda33568c63a6c03817f722b50fcf898237d78
8a4400869e44d90a3020923dc646388abcc914315215fcd1bae11b1c751fd52443aa
c8f601087d8d42737c18a3fa11ecd4131ecae017ae0a14acfc4ef85b83c19fed33cf
d1cd629da2c4c09e222b398e18d822f77bb378dea3cb360b605e5aa58b20edc29d00
0a66bd177c682a17e7eb12a63ef7c2e4183e0d898f3d6bf567ba8ae84f84f1d23bf8
b8e261c3729e2fa6d07b832e07cddd1d14f55325c6f924267957121902dc19b3b329
48bdead5
e = 010001
d = 0d43242aefe1fb2c13fbc66e20b678c4336d20b1808c558b6e62ad16a2870771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
msg = 8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a698c80023a
a6b59f8cfec5fdbb36331372ebefedae7d
msg_prefix = 8417e699b219d583fb6216ae0c53ca0e9723442d02f1d1a34295527
e7d929e8b
prepared_msg = 8417e699b219d583fb6216ae0c53ca0e9723442d02f1d1a342955
27e7d929e8b8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a698c8
0023aa6b59f8cfec5fdbb36331372ebefedae7d
salt = 051722b35f458781397c3a671a7d3bd3096503940e4c4f1aaa269d60300ce
449555cd7340100df9d46944c5356825abf
encoded_msg = 2be01c5669eb676cb3f0002eb636427d61568f3f0579da5b998279
a7eb3ab784e5617319376d04809d83e72bef9f0738e7324af3fd1b4f0a35f4f58058
ab329495406bdb5ff31a0274be2d137c735ab0d5a591b3129a6cc46fcecc4b41dbc6
84c965cb30e3eb4864ef18cc8d95b4d6a2002607c821d4d8a7e026ae7bb1f6b4c7c9
3d1b58e9cd87864d6094b0d8f7e2b5f966473703634fb58c774dd4a24376e0eb262a
24b58e3a0b4da4f36ef75651627561ff2ecee9dcbfe1d728cc31a7b46030f7a2815a
e9edf9a2a5c0c6d8dbab1b33b9c3bbda5c083670a3550f7d74c4263aad09f8ed1d43
5fc6295ca4d51fc02c7de9ae28ffd53372c3fa864521b27560daa11ab9daad8d0d74
7661718d2f79c59d0661b09c74863fa32bdcb1c408d3bd24569c57aecae6e06c0c9d
eb7303c5b7b1240960fd2413d61b2e3829af8c09874fdba0fe84ca6aa7e7d533f9b0
ddfe508f562b132ca2d325f1e73f91a8a6b831a2fd9bc0bd5bfa5ea3a1dee16bd9b2
64174b9553a4c0c0d62373353355c05b35824e4bae702f49e5a6bf83eaff65af4990
45bcef1470a0e58ddb21856034af0db96f8636d4a6f1591f34c7224e0c0293e3d3be
2139f2797c5ed8b65473ac2f83c52b87f8cf8754ac2f55f5e41e105df1d079a647fb
1aa591526295667f37db1129752d024eb03bfe506a43665072118423351ef9b86633
76f9fc073141e1e7bc
inv = 80682c48982407b489d53d1261b19ec8627d02b8cda5336750b8cee332ae26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
blinded_msg = aa3ee045138d874669685ffaef962c7694a9450aa9b4fd6465db9b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
blind_sig = 3f4a79eacd4445fca628a310d41e12fcd813c4d43aa4ef2b81226953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
sig = 191e941c57510e22d29afad257de5ca436d2316221fe870c7cb75205a6c071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
]]></sourcecode>
      </section>
      <section anchor="rsabssa-sha384-psszero-randomized-test-vector">
        <name>RSABSSA-SHA384-PSSZERO-Randomized Test Vector</name>
        <sourcecode name="" type="test-vectors"><![CDATA[
p = e1f4d7a34802e27c7392a3cea32a262a34dc3691bd87f3f310dc756734889305
59c120fd0410194fb8a0da55bd0b81227e843fdca6692ae80e5a5d414116d4803fca
7d8c30eaaae57e44a1816ebb5c5b0606c536246c7f11985d731684150b63c9a3ad9e
41b04c0b5b27cb188a692c84696b742a80d3cd00ab891f2457443dadfeba6d6daf10
8602be26d7071803c67105a5426838e6889d77e8474b29244cefaf418e381b312048
b457d73419213063c60ee7b0d81820165864fef93523c9635c22210956e53a8d9632
2493ffc58d845368e2416e078e5bcb5d2fd68ae6acfa54f9627c42e84a9d3f277401
7e32ebca06308a12ecc290c7cd1156dcccfb2311
q = c601a9caea66dc3835827b539db9df6f6f5ae77244692780cd334a006ab353c8
06426b60718c05245650821d39445d3ab591ed10a7339f15d83fe13f6a3dfb20b945
2c6a9b42eaa62a68c970df3cadb2139f804ad8223d56108dfde30ba7d367e9b0a7a8
0c4fdba2fd9dde6661fc73fc2947569d2029f2870fc02d8325acf28c9afa19ecf962
daa7916e21afad09eb62fe9f1cf91b77dc879b7974b490d3ebd2e95426057f35d0a3
c9f45f79ac727ab81a519a8b9285932d9b2e5ccd347e59f3f32ad9ca359115e7da00
8ab7406707bd0e8e185a5ed8758b5ba266e8828f8d863ae133846304a2936ad7bc7c
9803879d2fc4a28e69291d73dbd799f8bc238385
n = aec4d69addc70b990ea66a5e70603b6fee27aafebd08f2d94cbe1250c556e047
a928d635c3f45ee9b66d1bc628a03bac9b7c3f416fe20dabea8f3d7b4bbf7f963be3
35d2328d67e6c13ee4a8f955e05a3283720d3e1f139c38e43e0338ad058a9495c533
77fc35be64d208f89b4aa721bf7f7d3fef837be2a80e0f8adf0bcd1eec5bb040443a
2b2792fdca522a7472aed74f31a1ebe1eebc1f408660a0543dfe2a850f106a617ec6
685573702eaaa21a5640a5dcaf9b74e397fa3af18a2f1b7c03ba91a6336158de420d
63188ee143866ee415735d155b7c2d854d795b7bc236cffd71542df34234221a0413
e142d8c61355cc44d45bda94204974557ac2704cd8b593f035a5724b1adf442e78c5
42cd4414fce6f1298182fb6d8e53cef1adfd2e90e1e4deec52999bdc6c29144e8d52
a125232c8c6d75c706ea3cc06841c7bda33568c63a6c03817f722b50fcf898237d78
8a4400869e44d90a3020923dc646388abcc914315215fcd1bae11b1c751fd52443aa
c8f601087d8d42737c18a3fa11ecd4131ecae017ae0a14acfc4ef85b83c19fed33cf
d1cd629da2c4c09e222b398e18d822f77bb378dea3cb360b605e5aa58b20edc29d00
0a66bd177c682a17e7eb12a63ef7c2e4183e0d898f3d6bf567ba8ae84f84f1d23bf8
b8e261c3729e2fa6d07b832e07cddd1d14f55325c6f924267957121902dc19b3b329
48bdead5
e = 010001
d = 0d43242aefe1fb2c13fbc66e20b678c4336d20b1808c558b6e62ad16a2870771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
msg = 8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a698c80023a
a6b59f8cfec5fdbb36331372ebefedae7d
msg_prefix = 84ea86c8cf3beedfed73beceabd792027c609d1100bf041fdd60d82
6a718130d
prepared_msg = 84ea86c8cf3beedfed73beceabd792027c609d1100bf041fdd60d
826a718130d8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a698c8
0023aa6b59f8cfec5fdbb36331372ebefedae7d
salt =
encoded_msg = 37f4ea66054b3570f2c46f43125a8df8d751a81db1003edcc70e98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
inv = 80682c48982407b489d53d1261b19ec8627d02b8cda5336750b8cee332ae26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
blinded_msg = 4c1b82d9b97b968b2ce0754e326abd49e3d723ed937d84bead34b6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
blind_sig = 4894f64d7214c216282d9842cbf7e7cccd9c0dcb1f4294a6bdeccd4c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
sig = 195363ba25e4bf763f6538c86865785f93f4ea6092da3ad200d41b99eb0eb0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
]]></sourcecode>
      </section>
      <section anchor="rsabssa-sha384-pss-deterministic-test-vector">
        <name>RSABSSA-SHA384-PSS-Deterministic Test Vector</name>
        <sourcecode name="" type="test-vectors"><![CDATA[
p = e1f4d7a34802e27c7392a3cea32a262a34dc3691bd87f3f310dc756734889305
59c120fd0410194fb8a0da55bd0b81227e843fdca6692ae80e5a5d414116d4803fca
7d8c30eaaae57e44a1816ebb5c5b0606c536246c7f11985d731684150b63c9a3ad9e
41b04c0b5b27cb188a692c84696b742a80d3cd00ab891f2457443dadfeba6d6daf10
8602be26d7071803c67105a5426838e6889d77e8474b29244cefaf418e381b312048
b457d73419213063c60ee7b0d81820165864fef93523c9635c22210956e53a8d9632
2493ffc58d845368e2416e078e5bcb5d2fd68ae6acfa54f9627c42e84a9d3f277401
7e32ebca06308a12ecc290c7cd1156dcccfb2311
q = c601a9caea66dc3835827b539db9df6f6f5ae77244692780cd334a006ab353c8
06426b60718c05245650821d39445d3ab591ed10a7339f15d83fe13f6a3dfb20b945
2c6a9b42eaa62a68c970df3cadb2139f804ad8223d56108dfde30ba7d367e9b0a7a8
0c4fdba2fd9dde6661fc73fc2947569d2029f2870fc02d8325acf28c9afa19ecf962
daa7916e21afad09eb62fe9f1cf91b77dc879b7974b490d3ebd2e95426057f35d0a3
c9f45f79ac727ab81a519a8b9285932d9b2e5ccd347e59f3f32ad9ca359115e7da00
8ab7406707bd0e8e185a5ed8758b5ba266e8828f8d863ae133846304a2936ad7bc7c
9803879d2fc4a28e69291d73dbd799f8bc238385
n = aec4d69addc70b990ea66a5e70603b6fee27aafebd08f2d94cbe1250c556e047
a928d635c3f45ee9b66d1bc628a03bac9b7c3f416fe20dabea8f3d7b4bbf7f963be3
35d2328d67e6c13ee4a8f955e05a3283720d3e1f139c38e43e0338ad058a9495c533
77fc35be64d208f89b4aa721bf7f7d3fef837be2a80e0f8adf0bcd1eec5bb040443a
2b2792fdca522a7472aed74f31a1ebe1eebc1f408660a0543dfe2a850f106a617ec6
685573702eaaa21a5640a5dcaf9b74e397fa3af18a2f1b7c03ba91a6336158de420d
63188ee143866ee415735d155b7c2d854d795b7bc236cffd71542df34234221a0413
e142d8c61355cc44d45bda94204974557ac2704cd8b593f035a5724b1adf442e78c5
42cd4414fce6f1298182fb6d8e53cef1adfd2e90e1e4deec52999bdc6c29144e8d52
a125232c8c6d75c706ea3cc06841c7bda33568c63a6c03817f722b50fcf898237d78
8a4400869e44d90a3020923dc646388abcc914315215fcd1bae11b1c751fd52443aa
c8f601087d8d42737c18a3fa11ecd4131ecae017ae0a14acfc4ef85b83c19fed33cf
d1cd629da2c4c09e222b398e18d822f77bb378dea3cb360b605e5aa58b20edc29d00
0a66bd177c682a17e7eb12a63ef7c2e4183e0d898f3d6bf567ba8ae84f84f1d23bf8
b8e261c3729e2fa6d07b832e07cddd1d14f55325c6f924267957121902dc19b3b329
48bdead5
e = 010001
d = 0d43242aefe1fb2c13fbc66e20b678c4336d20b1808c558b6e62ad16a2870771
80b177e1f01b12f9c6cd6c52630257ccef26a45135a990928773f3bd2fc01a313f1d
ac97a51cec71cb1fd7efc7adffdeb05f1fb04812c924ed7f4a8269925dad88bd7dcf
bc4ef01020ebfc60cb3e04c54f981fdbd273e69a8a58b8ceb7c2d83fbcbd6f784d05
2201b88a9848186f2a45c0d2826870733e6fd9aa46983e0a6e82e35ca20a439c5ee7
b502a9062e1066493bdadf8b49eb30d9558ed85abc7afb29b3c9bc644199654a4676
681af4babcea4e6f71fe4565c9c1b85d9985b84ec1abf1a820a9bbebee0df1398aae
2c85ab580a9f13e7743afd3108eb32100b870648fa6bc17e8abac4d3c99246b1f0ea
9f7f93a5dd5458c56d9f3f81ff2216b3c3680a13591673c43194d8e6fc93fc1e37ce
2986bd628ac48088bc723d8fbe293861ca7a9f4a73e9fa63b1b6d0074f5dea2a624c
5249ff3ad811b6255b299d6bc5451ba7477f19c5a0db690c3e6476398b1483d10314
afd38bbaf6e2fbdbcd62c3ca9797a420ca6034ec0a83360a3ee2adf4b9d4ba29731d
131b099a38d6a23cc463db754603211260e99d19affc902c915d7854554aabf608e3
ac52c19b8aa26ae042249b17b2d29669b5c859103ee53ef9bdc73ba3c6b537d5c34b
6d8f034671d7f3a8a6966cc4543df223565343154140fd7391c7e7be03e241f4ecfe
b877a051
msg = 8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a698c80023a
a6b59f8cfec5fdbb36331372ebefedae7d
msg_prefix =
prepared_msg = 8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a6
98c80023aa6b59f8cfec5fdbb36331372ebefedae7d
salt = 051722b35f458781397c3a671a7d3bd3096503940e4c4f1aaa269d60300ce
449555cd7340100df9d46944c5356825abf
encoded_msg = 6e0c464d9c2f9fbc147b43570fc4f238e0d0b38870b3addcf7a421
7df912ccef17a7f629aa850f63a063925f312d61d6437be954b45025e8282f9c0b11
31bc8ff19a8a928d859b37113db1064f92a27f64761c181c1e1f9b251ae5a2f8a404
7573b67a270584e089beadcb13e7c82337797119712e9b849ff56e04385d144d3ca9
d8d92bf78adb20b5bbeb3685f17038ec6afade3ef354429c51c687b45a7018ee3a69
66b3af15c9ba8f40e6461ba0a17ef5a799672ad882bab02b518f9da7c1a962945c2e
9b0f02f29b31b9cdf3e633f9d9d2a22e96e1de28e25241ca7dd04147112f57897340
3e0f4fd80865965475d22294f065e17a1c4a201de93bd14223e6b1b999fd548f2f75
9f52db71964528b6f15b9c2d7811f2a0a35d534b8216301c47f4f04f412cae142b48
c4cdff78bc54df690fd43142d750c671dd8e2e938e6a440b2f825b6dbb3e19f1d7a3
c0150428a47948037c322365b7fe6fe57ac88d8f80889e9ff38177bad8c8d8d98db4
2908b389cb59692a58ce275aa15acb032ca951b3e0a3404b7f33f655b7c7d83a2f8d
1b6bbff49d5fcedf2e030e80881aa436db27a5c0dea13f32e7d460dbf01240c2320c
2bb5b3225b17145c72d61d47c8f84d1e19417ebd8ce3638a82d395cc6f7050b6209d
9283dc7b93fecc04f3f9e7f566829ac41568ef799480c733c09759aa9734e2013d76
40dc6151018ea902bc
inv = 80682c48982407b489d53d1261b19ec8627d02b8cda5336750b8cee332ae26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
blinded_msg = 10c166c6a711e81c46f45b18e5873cc4f494f003180dd7f115585d
871a28930259654fe28a54dab319cc5011204c8373b50a57b0fdc7a678bd74c52325
9dfe4fd5ea9f52f170e19dfa332930ad1609fc8a00902d725cfe50685c95e5b2968c
9a2828a21207fcf393d15f849769e2af34ac4259d91dfd98c3a707c509e1af55647e
faa31290ddf48e0133b798562af5eabd327270ac2fb6c594734ce339a14ea4fe1b9a
2f81c0bc230ca523bda17ff42a377266bc2778a274c0ae5ec5a8cbbe364fcf0d2403
f7ee178d77ff28b67a20c7ceec009182dbcaa9bc99b51ebbf13b7d542be337172c64
74f2cd3561219fe0dfa3fb207cff89632091ab841cf38d8aa88af6891539f263adb8
eac6402c41b6ebd72984e43666e537f5f5fe27b2b5aa114957e9a580730308a5f5a9
c63a1eb599f093ab401d0c6003a451931b6d124180305705845060ebba6b0036154f
cef3e5e9f9e4b87e8f084542fd1dd67e7782a5585150181c01eb6d90cb9588383738
4a5b91dbb606f266059ecc51b5acbaa280e45cfd2eec8cc1cdb1b7211c8e14805ba6
83f9b78824b2eb005bc8a7d7179a36c152cb87c8219e5569bba911bb32a1b923ca83
de0e03fb10fba75d85c55907dda5a2606bf918b056c3808ba496a4d95532212040a5
f44f37e1097f26dc27b98a51837daa78f23e532156296b64352669c94a8a855acf30
533d8e0594ace7c442
blind_sig = 364f6a40dbfbc3bbb257943337eeff791a0f290898a6791283bba581
d9eac90a6376a837241f5f73a78a5c6746e1306ba3adab6067c32ff69115734ce014
d354e2f259d4cbfb890244fd451a497fe6ecf9aa90d19a2d441162f7eaa7ce3fc4e8
9fd4e76b7ae585be2a2c0fd6fb246b8ac8d58bcb585634e30c9168a434786fe5e0b7
4bfe8187b47ac091aa571ffea0a864cb906d0e28c77a00e8cd8f6aba4317a8cc7bf3
2ce566bd1ef80c64de041728abe087bee6cadd0b7062bde5ceef308a23bd1ccc154f
d0c3a26110df6193464fc0d24ee189aea8979d722170ba945fdcce9b1b4b63349980
f3a92dc2e5418c54d38a862916926b3f9ca270a8cf40dfb9772bfbdd9a3e0e089236
9c18249211ba857f35963d0e05d8da98f1aa0c6bba58f47487b8f663e395091275f8
2941830b050b260e4767ce2fa903e75ff8970c98bfb3a08d6db91ab1746c86420ee2
e909bf681cac173697135983c3594b2def673736220452fde4ddec867d40ff42dd3d
a36c84e3e52508b891a00f50b4f62d112edb3b6b6cc3dbd546ba10f36b03f06c0d82
aeec3b25e127af545fac28e1613a0517a6095ad18a98ab79f68801e05c175e15bae2
1f821e80c80ab4fdec6fb34ca315e194502b8f3dcf7892b511aee45060e3994cd15e
003861bc7220a2babd7b40eda03382548a34a7110f9b1779bf3ef6011361611e6bc5
c0dc851e1509de1a
sig = 6fef8bf9bc182cd8cf7ce45c7dcf0e6f3e518ae48f06f3c670c649ac737a8b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
]]></sourcecode>
      </section>
      <section anchor="rsabssa-sha384-psszero-deterministic-test-vector">
        <name>RSABSSA-SHA384-PSSZERO-Deterministic Test Vector</name>
        <sourcecode name="" type="test-vectors"><![CDATA[
p = e1f4d7a34802e27c7392a3cea32a262a34dc3691bd87f3f310dc756734889305
59c120fd0410194fb8a0da55bd0b81227e843fdca6692ae80e5a5d414116d4803fca
7d8c30eaaae57e44a1816ebb5c5b0606c536246c7f11985d731684150b63c9a3ad9e
41b04c0b5b27cb188a692c84696b742a80d3cd00ab891f2457443dadfeba6d6daf10
8602be26d7071803c67105a5426838e6889d77e8474b29244cefaf418e381b312048
b457d73419213063c60ee7b0d81820165864fef93523c9635c22210956e53a8d9632
2493ffc58d845368e2416e078e5bcb5d2fd68ae6acfa54f9627c42e84a9d3f277401
7e32ebca06308a12ecc290c7cd1156dcccfb2311
q = c601a9caea66dc3835827b539db9df6f6f5ae77244692780cd334a006ab353c8
06426b60718c05245650821d39445d3ab591ed10a7339f15d83fe13f6a3dfb20b945
2c6a9b42eaa62a68c970df3cadb2139f804ad8223d56108dfde30ba7d367e9b0a7a8
0c4fdba2fd9dde6661fc73fc2947569d2029f2870fc02d8325acf28c9afa19ecf962
daa7916e21afad09eb62fe9f1cf91b77dc879b7974b490d3ebd2e95426057f35d0a3
c9f45f79ac727ab81a519a8b9285932d9b2e5ccd347e59f3f32ad9ca359115e7da00
8ab7406707bd0e8e185a5ed8758b5ba266e8828f8d863ae133846304a2936ad7bc7c
9803879d2fc4a28e69291d73dbd799f8bc238385
n = aec4d69addc70b990ea66a5e70603b6fee27aafebd08f2d94cbe1250c556e047
a928d635c3f45ee9b66d1bc628a03bac9b7c3f416fe20dabea8f3d7b4bbf7f963be3
35d2328d67e6c13ee4a8f955e05a3283720d3e1f139c38e43e0338ad058a9495c533
77fc35be64d208f89b4aa721bf7f7d3fef837be2a80e0f8adf0bcd1eec5bb040443a
2b2792fdca522a7472aed74f31a1ebe1eebc1f408660a0543dfe2a850f106a617ec6
685573702eaaa21a5640a5dcaf9b74e397fa3af18a2f1b7c03ba91a6336158de420d
63188ee143866ee415735d155b7c2d854d795b7bc236cffd71542df34234221a0413
e142d8c61355cc44d45bda94204974557ac2704cd8b593f035a5724b1adf442e78c5
42cd4414fce6f1298182fb6d8e53cef1adfd2e90e1e4deec52999bdc6c29144e8d52
a125232c8c6d75c706ea3cc06841c7bda33568c63a6c03817f722b50fcf898237d78
8a4400869e44d90a3020923dc646388abcc914315215fcd1bae11b1c751fd52443aa
c8f601087d8d42737c18a3fa11ecd4131ecae017ae0a14acfc4ef85b83c19fed33cf
d1cd629da2c4c09e222b398e18d822f77bb378dea3cb360b605e5aa58b20edc29d00
0a66bd177c682a17e7eb12a63ef7c2e4183e0d898f3d6bf567ba8ae84f84f1d23bf8
b8e261c3729e2fa6d07b832e07cddd1d14f55325c6f924267957121902dc19b3b329
48bdead5
e = 010001
d = 0d43242aefe1fb2c13fbc66e20b678c4336d20b1808c558b6e62ad16a2870771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
msg = 8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a698c80023a
a6b59f8cfec5fdbb36331372ebefedae7d
msg_prefix =
prepared_msg = 8f3dc6fb8c4a02f4d6352edf0907822c1210a9b32f9bdda4c45a6
98c80023aa6b59f8cfec5fdbb36331372ebefedae7d
salt =
encoded_msg = 159499b90471b496c2639ec482e99feaba525c0420c565d17dc60c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
inv = 80682c48982407b489d53d1261b19ec8627d02b8cda5336750b8cee332ae26
0de57b02d72609c1e0e9f28e2040fc65b6f02d56dbd6aa9af8fde656f70495dfb723
ba01173d4707a12fddac628ca29f3e32340bd8f7ddb557cf819f6b01e445ad96f874
ba235584ee71f6581f62d4f43bf03f910f6510deb85e8ef06c7f09d9794a008be7ff
2529f0ebb69decef646387dc767b74939265fec0223aa6d84d2a8a1cc912d5ca25b4
e144ab8f6ba054b54910176d5737a2cff011da431bd5f2a0d2d66b9e70b39f4b050e
45c0d9c16f02deda9ddf2d00f3e4b01037d7029cd49c2d46a8e1fc2c0c17520af1f4
b5e25ba396afc4cd60c494a4c426448b35b49635b337cfb08e7c22a39b256dd032c0
0adddafb51a627f99a0e1704170ac1f1912e49d9db10ec04c19c58f420212973e0cb
329524223a6aa56c7937c5dffdb5d966b6cd4cbc26f3201dd25c80960a1a111b3294
7bb78973d269fac7f5186530930ed19f68507540eed9e1bab8b00f00d8ca09b3f099
aae46180e04e3584bd7ca054df18a1504b89d1d1675d0966c4ae1407be325cdf623c
f13ff13e4a28b594d59e3eadbadf6136eee7a59d6a444c9eb4e2198e8a974f27a39e
b63af2c9af3870488b8adaad444674f512133ad80b9220e09158521614f1faadfe85
05ef57b7df6813048603f0dd04f4280177a11380fbfc861dbcbd7418d62155248dad
5fdec0991f
blinded_msg = 982790826556aabe6004467671a864397eea3b95740e9a11c8b80b
99ee0cf4dbc50af860bda81b601a2eceaa6943ef104f13325ad0be2e37f42030b312
0e87cfee8cfe59cde1acfb25485a43275ebe777292e2518181ae531e596f988ff16f
458daa5a42408939cbe60e7271391a21657276427d195bee6a20054101d4ceb892ec
dea402ea1a866acf0e451a3336f07e7589330d96c3883fd5bc1a829a715b618b74a8
6b2a898764246ad081d4c9f1edb8ab5077e315fde2417ec2dd33cad93e120340b49b
e89c18a63e62c6bb289037283d3bf18608be11ee4c823c710b0c6b89235fed3f03a7
b96ddd25a8f54f20dac37ce8905093ad8e066810f354fb1773236e3d3788ba755de2
c9bce8d340078bb1831ddc7314a5018673427ced65cb356281aae08b5e6636f3eb24
17e09d6ae476a9abcc410bc8c90813d0740e39ae75efae4c02eed49dbb7aa51258bb
71197445d17a6029bf566ba6b36282173af2c42e9b9631366f22eb6a19ef1d92bd3c
e0631d3a7fb3288195b0ba380a3828d5411cefd5eba83e52198c001ac9946a333a33
d89d4d235fc833239d59837f04eaf065e9563659b00c7624a6263b727d8f2c07959b
a2bb592e7ff251b8f09c85995fd2e4474e743586576b518230986b6076b762ae7708
8a37e4bffd2ef41ae68d6d4e79205290b4f76c42ef039638c41cdc6fe8af9b429c0d
ee45b2942e3861da2a
blind_sig = 362ef369f9b8c1487e285514702a7cd6fe03e4a2fb854881f3d3f986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
sig = 4454b6983ff01cb28545329f394936efa42ed231e15efbc025fdaca00277ac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
]]></sourcecode>
      </section>
    </section>
    <section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>We would like to thank <contact fullname="Bjoern Tackmann"/>, who provided an editorial and security review of this document.</t>
    </section>
  </back>
</rfc>